Author
Topic: Cannot ping firewall from LAN (Read 835 times)

Hello all, just updated to 18.7.10 and can no longer ping the firewall from my LAN. I can access the web GUI and get online, just cannot ping. Pings from cmd return "Request timed out". Wireshark says "No response seen to ICMP request". From the Web GUI > Interfaces>Diagnostics>Ping, I can ping the firewall itself as well as my laptop, but cannot ping from my laptop to the firewall. I can ping other clients on the LAN just fine.

I even created an ICMP pass rule as follows, but no luck:Action: PassInterface: LANTCP/IP Version: IPv4Protocol: ICMPICMP Type: anySource: LAN netDestination: This Firewall

Still I get "request timed out" when I ping the firewall's IP from my laptop. Any thoughts?

I have a LAN Net to This Firewall as well as a LAN Net to LAN Net ICMP pass rule, neither one seems to make a difference. It also doesn't seem to matter which LAN client I try from. I've tried to ping from a Windows 7 laptop as well as a Macbook running Mojave, I get a timeout either way.

Where would I find anti-spoof settings? Should I check the "bypass firewall rules for traffic on the same interface" box?

Logged

guest19757

Out of curiosity, did you run a ICMP packet capture on Lan interface to see that server is actually receive it? If the server is indeed receiving it but not responding and the appropriate FW rule(s) are set, perhaps you have network configuration problem?

Hmmm... I ran a packet capture on LAN interface and it does indeed see the ICMP echo request from my laptop. So it's just not responding for some reason. LAN clients (172.20.1.x) and the firewall (172.20.1.1) are on the same subnet, we only have one LAN net.

Why would one be so obsessed with pinging the firewalls LAN port? Did I miss something, but I have this disabled normally and I don't miss anything...

could be for when your connection goes down

i have issues where i have no access to gui via ip or name and no internet access - have to manually check the console by plugging in a keyboard and monitor, which shows the system is still operational but something is blocking connection to the box and internet from devices on lan, which i believe is IDS as can ping sites from console